package com.ruoyi.framework.security.h1w;

import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.redis.RedisCache;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;

/**
 * 自定义登陆鉴权 Provider，要求实现 AuthenticationProvider 接口
 * @author jitwxs
 * @since 2019/1/9 13:59
 */
public class H1wAuthenticationProvider implements AuthenticationProvider {
    private UserDetailsService userDetailsService;

    private static RedisCache redisCache;
    public static void setRedisUtils(RedisCache redisUtils) {
        H1wAuthenticationProvider.redisCache = redisUtils;
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        H1wAuthenticationToken authenticationToken = (H1wAuthenticationToken) authentication;

        String mobile = (String) authenticationToken.getPrincipal();
        String anyCode =  authenticationToken.getAnyCode();
        Integer type =  authenticationToken.getType();

        //逻辑判定
        check(mobile,anyCode,type);

        UserDetails userDetails = userDetailsService.loadUserByUsername(mobile);

        // 此时鉴权成功后，应当重新 new 一个拥有鉴权的 authenticationResult 返回
        H1wAuthenticationToken authenticationResult = new H1wAuthenticationToken(userDetails, userDetails.getAuthorities());

        authenticationResult.setDetails(authenticationToken.getDetails());

        return authenticationResult;
    }

    private void check(String userName,String anyCode,Integer type) {
        switch (type){
            case 1:
                //手机登录 - 短信验证码
                /*
                String ver = redisCache.getCacheObject(userName);
                redisCache.deleteObject(userName);
                if(ver == null || !ver.equals(anyCode))
                    throw new BadCredentialsException("验证码错误");
                */
                break;
            case 2:
                //微信登录
                break;
            case 3:
                //苹果登录
                break;
            default:
                throw new BadCredentialsException("登录类型错误");
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        // 判断 authentication 是不是 H1wAuthenticationToken 的子类或子接口
        return H1wAuthenticationToken.class.isAssignableFrom(authentication);
    }

    public UserDetailsService getUserDetailsService() {
        return userDetailsService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
